In Oracle apex i currently have a login page and authentication scheme based on the provided login page that apex automatically generates when you make a new application. However, i want users to be able to make an account so i inserted a create button on the login page that redirects to a form that lets them make an account. The problem is that this create account form is inside the application so a user needs to log in first before they can create an account which makes no practical sense. I want this create account form to be outside of my application so that users can create an account and then use it to log in.
Im not too sure what to do here since every form and page seems to only be accessible once you log in yet i want a create account form before you log in. Any help is appreciated.
Your "Create account" page needs to be public, to do this you have to:
Got to your page, Security > Authentication > Change "Page Requires Authentication" to "Page is Public"
Related
I am using Keycloak to secure my application but I am using an extra database too. I am holding my users in both of them. Thus whevener a change is made to a user, the user needs to be updated in both the Keycloak db and my db. Thus whenever the application's main page loads, I update the user (everytime). Because maybe the user was changed from the Keycloak User Account Management service. And I need to put the change in the db.
But I don't want to do this everytime the app loads. I would like to know if there's a way to know Keycloak acocunt page was opened by the user. (So that I can update the users only then) Maybe Keycloak returns a parameter or smt? I don't know.
If anyone can help, I would be grateful.
I am using Cognito User pools and the hosted Cognito UI. I want new users to be disabled when they first sign-up.
I am trying to use a Cognito Trigger to disable the user.
The "Pre sign-up" trigger is to soon, the user has not been created yet. I have successfully used the "Post confirmation" to disable the user, however this is causing a side effect. After the user enters the confirmation code which is emailed to them, they see this message in the hosted UI "User is disabled".
Does anyone have a suggested solution on how to make the new users disabled by default?
We had a similar Business Requirement. For us we made use of a User Pool Group. This allowed the sign up and validation process to work as normal. We had the Post Confirmation trigger send our product team an email with details about the new confirmed user. We had a simple UI for the product team to add the group to a user if they should have access.
To Deny/Grant Access to the app: Our app checked the ID Token, once a user successfully authenticated, for the group (the ID Token has a 'cognito:groups' key which contains a list of all the groups the user is in). If the group was not present we displayed a page showing the user a customized access denied message
Our DocusSgn integration is currently a two step process:
the user clicks on "Login to DocuSign" whereupon they are redirected to "https://account-d.docusign.com/oauth/auth?response_type=code&scope=signature%20impersonation&client_id=00000000-0000-0000-0000-000000000000&state=00000000-0000-0000-0000-000000000000&prompt=login&redirect_uri=www.stackoverflow.com/app/callback" (for example) where they login, so that we can get an authentication.
we have the templates populated from DocuSign using the authentication. The user selects the template and clicks "Go to DocuSign" where upon a popup takes them to "https://appdemo.docusign.com/documents/details/c921ac4b-fdae-48a9-a70e-5d8a4e3e0089" for example.
The problem is that the user is forced to login both times. The expectation is that after the initial login during step 1, the user would not need to login again in step 2 since the domain names match (and DocuSign would create session cookies for the login).
Is there any way/process that we can follow which would allow us to not have to do this awkward double login?
thanks in advance!!!
First Login is the OAUTH login in which user is giving your IntegratorKey (Client_Id) access to call DS ESign APIs and impersonate user on the user's behalf. Using this flow you will never get access to bypass DS Weblogin page to access the page hosted by DocuSign like the one which you have - https://appdemo.docusign.com/documents/details/c921ac4b-fdae-48a9-a70e-5d8a4e3e0089. If you want to give access to the user to edit the templates using API then you need to use below API call with the OAUTH Access token:
POST /v2/accounts/{accountId}/templates/{templateId}/views/edit
Documentation for the same is available at:
TemplateViews: createEdit
Im trying to add google oauth2 as my login method in superset. Users cant register by their own, the system admin must provide access for the user deppending on permissions/role.
When a annonymous user loged in, the system must check if the user email exist and what role is applied to him and show the user profile
I already have the google oauth2 linked in superset, i can click in the login google button the login pop apears and enter the email and pasword of an google acount. But when the login is done, it apears a message saying that the user is not authorized.
Login Page
After Login, with console error (page stays loading...)
The question is how i can associate an google user to a superset user, or register an user by this google oauth2 method with the respective role?
One thing you can do is set Flask App Builder's AUTH_USER_REGISTRATION = True and
AUTH_USER_REGISTRATION_ROLE = "some_default_role".
Then if you want to alter the registration flow, I'd recommend setting your own SecurityManager and overriding BaseSecurityManager.auth_user_oauth . I'd copy the source of that method and alter it.
I'd be great if FAB had a pre_registration hook in BaseSecurityManager for this purpose. Maybe it could receive the User object FAB is planning on creating (before it gets created) and could return a list of roles, or None if we want to abort the registration process.
I want to add a page to my Umbraco website that only users who are logged into the Umbraco back end will be able to access, but I haven't been able to figure out how Umbraco does it's authentication.
All that I've been able to figure out from debugging is that after I log in to Umbraco, I check HttpContext.Current.User.Identity.IsAuthenticated, it's false, so it's not doing authentication that way.
Does anyone know where I'd find the code where Umbraco does it's authentication checks and sends users back to the login screen if they're not logged in? I need to hook in to this and extend it to my new page.
ANSWER
Check umbraco.BusinessLogic.User.GetCurrent() to get the user currently logged in to the Umbraco back end.
Check out Umbraco's Public Access. This is the mechanism Umbraco uses to secure pages. Umbraco uses a separate membership table for Umbraco Users (back-end) and Umbraco Members (front-end), so you'll have to add the users in twice, if you're wanting the Users to access certain pages.
You'll need to create a login page with some login controls on it. You'll also need an "Error page" which is basically the page the user would be sent to if they were not authorized to view the requested page. Morten Bock Sørensen gives a good walk through for how to set this up in a blog post.
Alternatively, you could place the content you wish to secure in a dashboard in the back-end. You could even hook a user control into the dashboard that pulls the content in dynamically from a node.
Found the answer. All you need to do is check umbraco.BusinessLogic.User.GetCurrent() to see if the user is logged in to the Umbraco back end.